Kamora ho lokolloa ha Firefox 67.0.3 le 60.7.1 litokollo tse ling tsa tokiso 67.0.4 le 60.7.2, tse felisitseng letsatsi la bobeli la matsatsi a 0. (CVE-2019-11708), e u lumellang ho feta mochini oa ho itšehla thajana oa sandbox. Taba ena e sebelisa ho qhekella ha IPC Prompt: Open call ho bula, ka ts'ebetso ea motsoali e se nang sandbox, litaba tsa tepo tse khethiloeng ke ts'ebetso ea ngoana. Ha e kopantsoe le ts'oaetso e 'ngoe, taba ena e ka feta maemo ohle a tšireletso 'me ea lumella khoutu hore e phethoe tsamaisong.
Bofokoli bo bonts'itsoeng likhatisong tse peli tsa ho qetela tsa Firefox pele li ka lokisoa ho hlophisa tlhaselo ea basebetsi ba phapanyetsano ea Coinbase cryptocurrency, hammoho le ho tsamaisa malware bakeng sa sethala sa macOS. hore lintlha tse mabapi le ho ba kotsing ha pele li rometsoe ho Mozilla ke setho sa Google Project Zero ka la 15 Mmesa le la 10 Phuptjane. mofuteng oa beta oa Firefox 68 (mohlomong bahlaseli ba ile ba hlahlobisisa tokiso e hatisitsoeng mme ba lokisetsa tlatsetso, ba nka monyetla ka ho ba kotsing e 'ngoe ea ho qoba ho itšehla thajana).
Source: opennet.ru